I tried to connect to my kafka server on my bearmetal kubernetes installation with default settings. Install with helm
helm install kafka oci://registry-1.docker.io/bitnamicharts/kafka -n kafka
client.properties:
security.protocol=SASL_PLAINTEXT
sasl.mechanism=SCRAM-SHA-256
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required \
username="user1" \
password="$(kubectl get secret kafka-user-passwords --namespace kafka -o jsonpath='{.data.client-passwords}' | base64 -d | cut -d , -f 1);
Producer calls on kafka-client
kubectl exec --tty -i kafka-client --namespace kafka -- bash
kafka-console-producer.sh \
--producer.config /tmp/client.properties \
--bootstrap-server kafka.kafka.svc.cluster.local:9092 \
--topic test
Error message
ERROR [Producer clientId=console-producer] Connection to node -1 (kafka.kafka.svc.cluster.local/10.103.15.48:9092) failed authentication due to: Authentication failed during authentication due to invalid credentials with SASL mechanism SCRAM-SHA-256 (org.apache.kafka.clients.NetworkClient)
How can I solve this problem? Is user1 valid username ín this kafka installation?
I found user1 client ín https://github.com/bitnami/charts/blob/main/bitnami%2Fkafka%2Fvalues.yaml
Thanks for all suggestion!
Ok, I use plain Text auth for success test. I copied the output of this command to the client.properties:
kubectl get secret kafka-user-passwords --namespace kafka -o jsonpath='{.data.client-passwords}' | base64 -d | cut -d , -f 1
And the client.properties file looks like this:
security.protocol=SASL_PLAINTEXT
#sasl.mechanism=SCRAM-SHA-256
sasl.mechanism=PLAIN
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="user1" password="OUTPUT_OF_GET_SECRET";